use the AutodiscoverUrl(string, AutodiscoverRedirectionUrlValidationCallback) overload - exchange-server

We have installed the exchange server and one task server service.
When we restart the our task server connector service then we are getting the below error in logs
The service did not start properly. Microsoft.Exchange.WebServices.Data.AutodiscoverLocalException: Autodiscover blocked a potentially insecure redirection to https://exchangeservername.Domain.net/autodiscover/autodiscover.xml. To allow Autodiscover to follow the redirection, use the AutodiscoverUrl(string, AutodiscoverRedirectionUrlValidationCallback) overload.
at Microsoft.Exchange.WebServices.Data.ExchangeService.DefaultAutodiscoverRedirectionUrlValidationCallback(String redirectionUrl)
at Microsoft.Exchange.WebServices.Autodiscover.AutodiscoverService.CallRedirectionUrlValidationCallback(String redirectionUrl)
at Microsoft.Exchange.WebServices.Autodiscover.AutodiscoverService.TryLastChanceHostRedirection[TSettings](String emailAddress, Uri redirectionUrl, TSettings& settings)
at Microsoft.Exchange.WebServices.Autodiscover.AutodiscoverService.InternalGetLegacyUserSettings[TSettings](String emailAddress, List1 redirectionEmailAddresses, Int32& currentHop) at Microsoft.Exchange.WebServices.Autodiscover.AutodiscoverService.GetLegacyUserSettings[TSettings](String emailAddress) at Microsoft.Exchange.WebServices.Autodiscover.AutodiscoverService.InternalGetLegacyUserSettings(String emailAddress, List1 requestedSettings)
at Microsoft.Exchange.WebServices.Autodiscover.AutodiscoverService.GetUserSettings(String userSmtpAddress, UserSettingName[] userSettingNames)
at Microsoft.Exchange.WebServices.Data.ExchangeService.GetAutodiscoverUrl(String emailAddress, ExchangeVersion requestedServerVersion, AutodiscoverRedirectionUrlValidationCallback validateRedirectionUrlCallback)
at Microsoft.Exchange.WebServices.Data.ExchangeService.AutodiscoverUrl(String emailAddress, AutodiscoverRedirectionUrlValidationCallback validateRedirectionUrlCallback)
at Microsoft.Exchange.WebServices.Data.ExchangeService.AutodiscoverUrl(String emailAddress)
I searched this on the many forums but didn't get any solution yet

Related

Cannot send emails to yahoo using mailkit

I am creating a system that sends emails (pricing, orders, invoices, etc) to out customers. But due to the number of emails that ends up being, we hit limits when trying to send through gmail or any other mail client. And since these are all customer specific emails using a bulk sending client is not ideal.
So I have created a system using mailkit and others to send our emails from our own servers without needing to set up a relay or email server for sending. This works great with everyone (Gmail, outlook, etc) except for yahoo. For some reason when I connect and mailkit tries to switch to STL (via startstl) yahoo sends garbage and mail kit fails.
I have enabled all ssl and tsl protocols. And I have ServerCertificateValidationCallback always to return true. In fact ServerCertificateValidationCallback doesn't even get called.
The errors that are thrown start with:
A call to SSPI failed, see inner exception
then
The message received was unexpected or badly formatted.
If I try to connect to any of the other SMTP ports 465 or 587 the system just hangs.
This all happens when connecting, before the email is sent. So it cannot be a DKIM issue. And the SPF record is set up correctly. We don't have the reverse dns setup because we plan on sending from multiple servers with different IPs.
I don't know why yahoo is being so difficult.
Tried talking with MailKit, tries allowing all TLS and SSL connections. Tried finding any YAHOO support.
using (var client = new SmtpClient())
{
client.LocalDomain = "MyDomain";
// right now we don't care about all SSL certificates (in case the server supports STARTTLS)
client.ServerCertificateValidationCallback = (s, c, h, e) => {
return true;
};
client.SslProtocols = System.Security.Authentication.SslProtocols.Tls11 |
System.Security.Authentication.SslProtocols.Tls12 |
System.Security.Authentication.SslProtocols.Tls |
System.Security.Authentication.SslProtocols.Ssl3 |
System.Security.Authentication.SslProtocols.Ssl2;
client.CheckCertificateRevocation = false;
client.Connect("mta6.am0.yahoodns.net", 25, false); //<--- fails here
client.Send("test", fromMailBoxAddress, recipientsEmailBoxAddresses);
client.Disconnect(true);
}
To answer your question, I might have an idea why Yahoo is being so difficult - it's possibly your message construction. Verify your MimeMessage has the same exact email address for your From and Sender addresses. Ensure your ReplyTo only contains the Sender email address. I had both the sender and recipient email addresses in the ReplyTo and Yahoo did NOT like that. And, of course, you are using a Yahoo App password for authentication. Once I made these two changes, Yahoo sent the email successfully.
Settings
client.SslProtocols = System.Security.Authentication.SslProtocols.Tls12;
client.DeliveryStatusNotificationType = mail.DeliveryStatusNotificationType.Full;
await client.ConnectAsync("smtp.mail.yahoo.com", 587, SecureSocketOptions.StartTls);
await client.AuthenticateAsync(yourEmailAddress#yahoo.com, yourYahooAppPassword);
await client.SendAsync(Message);
await client.DisconnectAsync(true);
Research
Bad message construction breaks one of Yahoo's many policies. This was ONLY happening with SMTP via Yahoo. SMTP via Gmail and Outlook work fine. I kept comparing a simple MailMessage with MimeMessage message construction. MailMessage sent, MimeMessage failed, I kept getting a 550 request failed; mailbox unavailable response from Yahoo every time with my MimeMessage. I verified by using ProtocolLogger. My From was empty and that is one issue, and, I had the recipient in my ReplyTo. If I merely added the sender to the ReplyTo, it still throws that same 550 error. I had to ensure the sender was the only email in the ReplyTo.
Hope this helps.
Use client.Connect("mta6.am0.yahoodns.net", 25, SecureSocketOptions.None); if you want to disable STARTTLS or use client.Connect("smtp.mail.yahoo.com", 587, SecureSocketOptions.Auto); which works fine.
Not sure where you are getting "mta6.am0.yahoodns.net" from, but I can't even make a normal socket connection to that address.

ASP.NET Core 3.0 React app errors: failed to proxy

(FYI, this is my first Microsoft project of any type and I am not familiar with technologies like proxy servers, etc so my description of the issues may not be the greatest).
I have been working on an ASP.NET Core 3.0 (preview) React app for the past month or so without any issues. Last Friday I started updating the web api to pull data from the database for charting in the UI. This week I picked up where I left off but my project now errors on start up.
Events that occurred since it was last working... I installed and used Fiddler briefly on Friday to run some api calls but then switched over to Postman. Everything was fine and I left everything running (may have closed Fiddler, don't recall). This week I made some database changes (set a multi-column index via the Fluent API) and added more data to the database (SQL Server). I then proceeded to continue working on the web api starting with a request in Postman but it errored. I went to view the app UI but that errored as well.
After two days of googling/troubleshooting I think the most useful error given is the one below. From the error messages, I do not know where port 50158 is coming from. The app loads at https://localhost:44398/. I performed a search for "50158" on my whole computer and only found it in IIS log files. Here are the first 4 lines in each log file. The rest of each file mentions only '44398'.
Successfully registered URL "https://localhost:44398/" for site "MyAwesomeApplication" application "/"
Successfully registered URL "http://localhost:50158/" for site "MyAwesomeApplication" application "/"
Registration completed for site "MyAwesomeApplication"
Request started: "GET" https://localhost:44398/
I found some posts on SO that mention Fiddler causing similar issues to this error, however, they have not helped me resolve the problem.
Some posts on SO mention unchecking "Automatically detect settings" on the Internet Properties > Connections > LAN settings. It is indeed unchecked on my computer.
Some things I have tried:
I created a new project using all the same specifications but get the same errors.
I completely removed Fiddler.
I reverted the latest database changes.
Where is this problem coming from and what do I need to do to fix it?
Please let me know if more (and what) info would be useful. This issue is out of my current knowledgebase.
#
Error message (sorry, not sure how to format it nicely)
An unhandled exception occurred while processing the request.
SocketException: No connection could be made because the target machine actively refused it.
System.Net.Http.ConnectHelper.ConnectAsync(string host, int port, CancellationToken cancellationToken)
HttpRequestException: No connection could be made because the target machine actively refused it.
System.Net.Http.ConnectHelper.ConnectAsync(string host, int port, CancellationToken cancellationToken)
HttpRequestException: Failed to proxy the request to http://localhost:50158/, because the request to the proxy target failed. Check that the proxy target server is running and accepting requests to http://localhost:50158/.
The underlying exception message was 'No connection could be made because the target machine actively refused it.'.Check the InnerException for more details.
Microsoft.AspNetCore.SpaServices.Extensions.Proxy.SpaProxy.PerformProxyRequest(HttpContext context, HttpClient httpClient, Task baseUriTask, CancellationToken applicationStoppingToken, bool proxy404s)
Stack Query Cookies Headers Routing
SocketException: No connection could be made because the target machine actively refused it.
System.Net.Http.ConnectHelper.ConnectAsync(string host, int port, CancellationToken cancellationToken)
Show raw exception details
HttpRequestException: No connection could be made because the target machine actively refused it.
System.Net.Http.ConnectHelper.ConnectAsync(string host, int port, CancellationToken cancellationToken)
System.Threading.Tasks.ValueTask.get_Result()
System.Net.Http.HttpConnectionPool.ConnectAsync(HttpRequestMessage request, bool allowHttp2, CancellationToken cancellationToken)
System.Threading.Tasks.ValueTask.get_Result()
System.Net.Http.HttpConnectionPool.CreateHttp11ConnectionAsync(HttpRequestMessage request, CancellationToken cancellationToken)
System.Threading.Tasks.ValueTask.get_Result()
System.Net.Http.HttpConnectionPool.GetHttpConnectionAsync(HttpRequestMessage request, CancellationToken cancellationToken)
System.Threading.Tasks.ValueTask.get_Result()
System.Net.Http.HttpConnectionPool.SendWithRetryAsync(HttpRequestMessage request, bool doRequestAuth, CancellationToken cancellationToken)
System.Net.Http.HttpClient.FinishSendAsyncUnbuffered(Task sendTask, HttpRequestMessage request, CancellationTokenSource cts, bool disposeCts)
Microsoft.AspNetCore.SpaServices.Extensions.Proxy.SpaProxy.PerformProxyRequest(HttpContext context, HttpClient httpClient, Task baseUriTask, CancellationToken applicationStoppingToken, bool proxy404s)
Show raw exception details
HttpRequestException: Failed to proxy the request to http://localhost:50158/, because the request to the proxy target failed. Check that the proxy target server is running and accepting requests to http://localhost:50158/. The underlying exception message was 'No connection could be made because the target machine actively refused it.'.Check the InnerException for more details.
Microsoft.AspNetCore.SpaServices.Extensions.Proxy.SpaProxy.PerformProxyRequest(HttpContext context, HttpClient httpClient, Task baseUriTask, CancellationToken applicationStoppingToken, bool proxy404s)
Microsoft.AspNetCore.Builder.SpaProxyingExtensions+<>c__DisplayClass2_0+<b__0>d.MoveNext()
Microsoft.AspNetCore.Builder.RouterMiddleware.Invoke(HttpContext httpContext)
IdentityServer4.Hosting.IdentityServerMiddleware.Invoke(HttpContext context, IEndpointRouter router, IUserSession session, IEventService events)
IdentityServer4.Hosting.MutualTlsTokenEndpointMiddleware.Invoke(HttpContext context, IAuthenticationSchemeProvider schemes)
Microsoft.AspNetCore.Authentication.AuthenticationMiddleware.Invoke(HttpContext context)
IdentityServer4.Hosting.BaseUrlMiddleware.Invoke(HttpContext context)
Microsoft.AspNetCore.Authentication.AuthenticationMiddleware.Invoke(HttpContext context)
Microsoft.AspNetCore.Diagnostics.EntityFrameworkCore.MigrationsEndPointMiddleware.Invoke(HttpContext context)
Microsoft.AspNetCore.Diagnostics.EntityFrameworkCore.DatabaseErrorPageMiddleware.Invoke(HttpContext httpContext)
Microsoft.AspNetCore.Diagnostics.EntityFrameworkCore.DatabaseErrorPageMiddleware.Invoke(HttpContext httpContext)
Microsoft.AspNetCore.Diagnostics.DeveloperExceptionPageMiddleware.Invoke(HttpContext context)
Show raw exception details
For me it had to do with cookie size being too large for development server.
I was working on a React client app served by ASP.NET Core 3.1 with Keycloak as an OP.
Fresh React templates did also suddenly not start anymore.
Clearing cookies made my projects start again.
ref:
https://techcommunity.microsoft.com/t5/iis-support-blog/400-error-in-asp-net-core-project-because-of-8-kb-cookie-limit/bc-p/1308877#M431
I decided to try and roll all the NuGet packages to a previous version (v3.0.0-preview5-19227). My app now functions as expected. Looking at the download page for dotnet-core, it looks like v3.0.0-preview6 was released on 06/12. I started my project way before that so maybe I updated the packages and just don't recall??? Either way, time to make up for 2 days lost.

Debugging in Firefox Developer Edition yields WSFederationMessageException: ID3204

I really like Firefox Developer Edition but in the past I have found multiple issues when just trying to get it going which have often required administrator intervention at other places I've worked. The latest issue I'm running into is that when trying to log into some web application I'm debugging (named XXX.YYY) at a new client site, I get the following server error. I don't get this when I use Internet Explorer as my browser. What can I do to correct it?
Server Error in '/XXX.YYY' Application. ID3204:
WS-Federation SignIn request must specify a 'wtrealm' or 'wreply'
parameter. Description: An unhandled exception occurred during the
execution of the current web request. Please review the stack trace
for more information about the error and where it originated in the
code.
Exception Details:
Microsoft.IdentityModel.Protocols.WSFederation.WSFederationMessageException:
ID3204: WS-Federation SignIn request must specify a 'wtrealm' or
'wreply' parameter.
Source Error:
An unhandled exception was generated during the execution of the
current web request. Information regarding the origin and location of
the exception can be identified using the exception stack trace below.
Stack Trace:
[WSFederationMessageException: ID3204: WS-Federation SignIn request
must specify a 'wtrealm' or 'wreply' parameter.]
Microsoft.IdentityModel.Protocols.WSFederation.SignInRequestMessage..ctor(Uri
baseUrl, String realm, String reply) +271
Microsoft.IdentityModel.Protocols.WSFederation.WSFederationMessage.CreateFromNameValueCollection(Uri
baseUrl, NameValueCollection collection) +753
Microsoft.IdentityModel.Protocols.WSFederation.WSFederationMessage.TryCreateFromUri(Uri
requestUri, WSFederationMessage& fedMsg) +57
Microsoft.IdentityModel.Web.WSFederationAuthenticationModule.GetSignOutCleanupMessage(HttpRequest
request) +34
Microsoft.IdentityModel.Web.WSFederationAuthenticationModule.CanReadSignInResponse(HttpRequest
request, Boolean onPage) +188
Microsoft.IdentityModel.Web.WSFederationAuthenticationModule.OnAuthenticateRequest(Object
sender, EventArgs args) +85
System.Web.SyncEventExecutionStep.System.Web.HttpApplication.IExecutionStep.Execute()
+142 System.Web.HttpApplication.ExecuteStep(IExecutionStep step, Boolean& completedSynchronously) +92
Version Information: Microsoft .NET Framework Version:4.0.30319;
ASP.NET Version:4.6.1590.0
I found a solution! It turns out the issue was that Firefox Developer Edition by default will not authenticate with the Windows NT LAN Manager (NTLM) protocol the way IE does out of the box. So, you have to configure it to do so:
Open Firefox Developer Edition and type in about:config in the address bar. You will be
prompted with a warning. Click the "I accept the risk!" button.
Use the ‘Search’ field at the top of the browser just below the address bar to find the network.automatic-ntlm-auth.trusted-uris configuration parameter.
Double-click the name of the configuration parameter, or right-click it and select Modify.
Enter the URLs of the sites you're having trouble authenticating to. Use the format:
https://localhost
There is no need to specify a port number nor a path to any particular page because authentication works on a site by site basis. You can list more than one site by comma-delimiting them. Now, my XXX.YYY web app which I was trying to debug locally runs and authenticates just fine!

Whats the URL from the Microsoft Dynamics CRM Server? [closed]

Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 10 years ago.
Improve this question
Today I installed the Microsoft Dynamics CRM on my Windows Server 2008 r2.
Everything was fine, but now I can't find the Link to my Hompage.
Can somebody of you tell me the default URL from the Microsoft Dynamics CRM? I just installed the 90 day free Trial version of it.
When I type in my browser: http://localhost/ then I get the Error:
HTTP Error 401.2 - Unauthorized
You are not authorized to view this page due to invalid authentication headers.
and here are some Informations about my Server:
Detailed Error Information
Module IIS Web Core
Notification AuthenticateRequest
Handler StaticFile
Error Code 0x80070005
Requested URL `http://localhost:80/`
Physical Path C:\inetpub\wwwroot
Logon Method Not yet determined
Logon User Not yet determined
How can I fix that?
If it would be fine, I think, I could enter the URL in my webbrowser and the typical page from the CRM comes?
I use Internet Explorer. And I already have the Administrator rights on my Server.
EDIT: Ok, the Problem with Localhost changed. When I type in Localhost now, i came to the IIS website. But that doesn't helped me a lot. So, what I've done was: I added the Windows authentication to the Server Role from the IIS Server. I found it in the Security part.
But the problem with the URL from CRM is already here.
EDIT EDIT: I found out, that I have the Port 5555 for the CRM. So, when I write in the Internet Explorer: http://localhost:5555/ then appears a very long and complex Error.
Server Error in '/' Application.
--------------------------------------------------------------------------------
Caller does not have enough privilege to set CallerOriginToken to the specified value.
Description: An unhandled exception occurred during the execution of the current web request. Please review the stack trace for more information about the error and where it originated in the code.
Exception Details: Microsoft.Crm.CrmException: Caller does not have enough privilege to set CallerOriginToken to the specified value.
Source Error:
An unhandled exception was generated during the execution of the current web request. Information regarding the origin and location of the exception can be identified using the exception stack trace below.
Stack Trace:
[CrmException: Caller does not have enough privilege to set CallerOriginToken to the specified value.]
Microsoft.Crm.Extensibility.ExternalMessageDispatcher.VerifyCallerOrigin(ExecutionContext context) +260
Microsoft.Crm.Extensibility.ExternalMessageDispatcher.Execute(String messageName, Int32 primaryObjectTypeCode, Int32 secondaryObjectTypeCode, PropertyBag fields, CorrelationToken correlationToken, CallerOriginToken originToken, UserAuth userAuth, Guid callerId) +724
Microsoft.Crm.Sdk.RequestBase.Process(Int32 primaryObjectTypeCode, Int32 secondaryObjectTypeCode, CorrelationToken correlationToken, CallerOriginToken originToken, UserAuth userAuth, Guid callerId) +149
Microsoft.Crm.Sdk.RequestBase.Process(CorrelationToken correlationToken, CallerOriginToken originToken, UserAuth userAuth, Guid callerId) +183
Microsoft.Crm.Sdk.CrmServiceInternal.Execute(RequestBase request, CorrelationToken correlationToken, CallerOriginToken originToken, UserAuth userAuth, Guid callerId) +465
Microsoft.Crm.Sdk.InProcessCrmService.Execute(Object request) +2688
Microsoft.Crm.Application.Platform.ServiceCommands.PlatformCommand.ExecuteInternal() +368
Microsoft.Crm.Application.Platform.DataSource.RetrieveAvailableLanguages() +40
Microsoft.Crm.Application.Utility.ApplicationLanguage.get_AvailableLanguages() +220
Microsoft.Crm.Application.Controls.AppUIPage.get_AvailableLanguages() +9
Microsoft.Crm.Application.Controls.AnonymousPage.OnInit(EventArgs e) +25
Microsoft.Crm.Application.Web.Pages.ErrorHandlerPage.OnInit(EventArgs e) +211
System.Web.UI.Control.InitRecursive(Control namingContainer) +143
System.Web.UI.Page.ProcessRequestMain(Boolean includeStagesBeforeAsyncPoint, Boolean includeStagesAfterAsyncPoint) +1477
--------------------------------------------------------------------------------
Version Information: Microsoft .NET Framework Version:2.0.50727.5466; ASP.NET Version:2.0.50727.5456
EDIT: Now it works finaly. The Problem was, that my Account wasn't in the Privacy User Group. I found it on this very helpful blog:
Link 1
Link 2
Link 3
Sorry, I can't post more than 1 link. So I had to do it in Code. Hope this helps somebody who has the same problem.
The url is nice, check if you have another application in port 80. Try set windows authentication in iis, see this. Verify also the access to AD.
You'd probably want to register the CRM server on a different port (we use 5555 for instance), especially if it's for development and not not to be exposed to a customer.
And to answer your question. The address is as follows. Suppose that you've registered two organizations: monkey and donkey.
http://localhost:5555/monkey
http://localhost:5555/donkey
And the discovery etc. services are as follows (for monkey on default port).
http://localhost:80/XRMServices/2011/Discovery.svc
http://localhost:80/CRM-Konsulterna/XRMServices/2011/Organization.svc
http://localhost:80/CRM-Konsulterna/XRMServices/2011/OrganizationData.svc
You need to keep in mind two things (which you probably know of already).
1. Port 80 doesn't need to be specified explicitly, nor does the protocol.
2. Localhost will only work if you're in fact on the server (otherwise, specify the IP).

getting autodiscover URL from Exchange email address

I'm starting with an address for an Exchange 2007 server:
user#domain.exchangeserver.org
And I attempted to send an autodiscover request, as documented at MSDN.
I attempted to use the generic autodiscover address documented at the TechNet White Paper.
So, using curl on PHP, I sent the following request:
<Autodiscover
xmlns="http://schemas.microsoft.com/exchange/autodiscover/outlook/requestschema/2006">
<Request>
<EMailAddress>user#domain.exchangeserver.org</EMailAddress>
<AcceptableResponseSchema>
http://schemas.microsoft.com/exchange/autodiscover/outlook/responseschema/2006a
</AcceptableResponseSchema>
</Request>
</Autodiscover>
to the following URL:
https://domain.exchangeserver.org/autodiscover/autodiscover.xml
But got no response, just an eventual timeout.
I also tried:
https://autodiscover.domain.exchangeserver.org/autodiscover/autodiscover.xml
With the same result.
Now, since my larger goal is to use Autodiscover with Exchange Web Services, and since all of the EWS URLs typically use the same sub-domain as the Outlook Web Access address, I thought I'd see if the same were true for autodiscovery URLS. Since the OWA URL is:
OWA: https://wmail.domain.exchangeserver.org
I tried:
https://wmail.domain.exchangeserver.org/autodiscover/autodiscover.xml
And sure enough, I got back the expected response.
However, I only knew the OWA sub-domain because it's the server I have access to and that I'm using to test everything. I would not know it for sure or be able to guess it if this were a live app and the user was entering in their own Exchange email.
I know that the autodiscover settings must be available without knowing the OWA URL, because I can enter:
user#domain.exchangeserver.org
into Apple Mail on Snow Leopard and it finds everything without trouble.
So the question is...
Should https://domain.exchangeserver.org/autodiscover/autodiscover.xml have worked, and I just missed a step when trying to connect to it? Or,
Is there some trick (maybe involving pinging the email address?) that Apple Mail and other clients use to resolve the address to the OWA subdomain before sending the autodiscover request?
Thanks to anyone who knows or can take a wild guess.
After a bit more banging my head against the Google, I found the following very helpful article on MSDN:
http://msdn.microsoft.com/en-us/library/ee332364.aspx
Specifically the section "Calling Autodiscover"
I'm still trying to figure out how to do a Active Directory Service Connection Point search via LDAP, but step 4, for my server at least, worked like a charm:
The application sends an unauthenticated GET request to http://autodiscover.contoso.com/autodiscover/autodiscover.xml. (Note that this is a non-SSL endpoint).
If the GET request returns a 302 redirect response, it gets the
redirection URL from the Location HTTP
header, and validates it as described
in the section “Validating a
Potentially Unsafe Redirection URL”
later in this article.
Sure enough, a request sent to:
http://domain.exchangeserver.org/autodiscover/autodiscover.xml
sent back a 302 redirect URL:
https://wmail.domain.exchangeserver.org/autodiscover/autodiscover.xml
But this article gives a series of steps, so anyone wanting to implement autodiscover for an Exchange client has 5 things to try before giving up.

Resources